Summary | ZeroBOX

296_2.exe

Malicious Library UPX OS Processor Check PE32 PE File
Category FILE
Machine s1_win7_x6403_us
Started May 23, 2022, 4:51 p.m.
Completed May 23, 2022, 4:57 p.m.
Size 304.7KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 7010fcef8ef1d66b47d9b802d2f4052e
SHA256 8a772d958134a2bd7d689795c721ffd43a29133f9f1076331778b6089977c7c9
CRC32 B28CD964
ssdeep 6144:Pm1V/A6lGGSvIDgIU5BA1gAOV1Vr6yj/pPZ0ykXU8kbN:qV/A6lGGSvYsPf1AyTpxbkobN
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

MicroWorld-eScan Gen:Variant.Lazy.185520
FireEye Generic.mg.7010fcef8ef1d66b
ALYac Gen:Variant.Lazy.185520
Cylance Unsafe
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HPPO
APEX Malicious
Kaspersky HEUR:Trojan.Win32.Bingoml.gen
BitDefender Gen:Variant.Lazy.185520
Avast Win32:TrojanX-gen [Trj]
Tencent Win32.Trojan.Falsesign.Adae
Ad-Aware Gen:Variant.Lazy.185520
Emsisoft Gen:Variant.Lazy.185520 (B)
DrWeb Trojan.PWS.Stealer.32832
McAfee-GW-Edition Artemis!Trojan
Sophos ML/PE-A
SentinelOne Static AI - Suspicious PE
Microsoft Trojan:Script/Phonzy.A!ml
GData Gen:Variant.Lazy.185520
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.R493290
McAfee Artemis!7010FCEF8EF1
MAX malware (ai score=89)
Malwarebytes Trojan.MalPack
Rising Backdoor.Pandora!8.7729 (TFE:dGZlOgUOkVOfV9sW/g)
Fortinet W32/Kryptik.HPPO!tr
BitDefenderTheta Gen:NN.ZexaF.34682.tuX@aK3JBwei
AVG Win32:TrojanX-gen [Trj]
CrowdStrike win/malicious_confidence_90% (W)